-

CVE-2025-68797

EPSS 0.03%
Veröffentlicht 13.01.2026 15:29:07
Zuletzt bearbeitet 19.01.2026 13:16:14
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

char: applicom: fix NULL pointer dereference in ac_ioctl

Discovered by Atuin - Automated Vulnerability Discovery Engine.

In ac_ioctl, the validation of IndexCard and the check for a valid
RamIO pointer are skipped when cmd is 6. However, the function
unconditionally executes readb(apbs[IndexCard].RamIO + VERS) at the
end.

If cmd is 6, IndexCard may reference a board that does not exist
(where RamIO is NULL), leading to a NULL pointer dereference.

Fix this by skipping the readb access when cmd is 6, as this
command is a global information query and does not target a specific
board context.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 5a6240804fb7bbd4f5f6e706955248a6f4c1abbc

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < d1b0452280029d05a98c75631131ee61c0b0d084

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 0b8b353e09888bccee405e0dd6feafb60360f478

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < d285517429a75423789e6408653e57b6fdfc8e54

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 74883565c621eec6cd2e35fe6d27454cf2810c23

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < f83e3e9f89181b42f6076a115d767a7552c4a39e

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 82d12088c297fa1cef670e1718b3d24f414c23f7

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.12

Status affected

Version < 2.6.12

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.248

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.64

Status unaffected

Version <= 6.18.*

Version 6.18.3

Status unaffected

Version <= *

Version 6.19-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.088

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/0b8b353e09888bccee405e0dd6feafb60360f478

https://git.kernel.org/stable/c/d285517429a75423789e6408653e57b6fdfc8e54

https://git.kernel.org/stable/c/74883565c621eec6cd2e35fe6d27454cf2810c23

https://git.kernel.org/stable/c/f83e3e9f89181b42f6076a115d767a7552c4a39e

https://git.kernel.org/stable/c/82d12088c297fa1cef670e1718b3d24f414c23f7

https://git.kernel.org/stable/c/5a6240804fb7bbd4f5f6e706955248a6f4c1abbc

https://git.kernel.org/stable/c/d1b0452280029d05a98c75631131ee61c0b0d084

https://nvd.nist.gov/vuln/detail/CVE-2025-68797

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68797

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68797

EUVD